Consider a photocopier in a public library or a corporation, which is connected through a network to a remote database of target or “special” documents. Special documents may refer to copyrighted documents, secure documents, etc. The owner of the database therefore seeks to know if any user makes a photocopy of a document in that database, in order to charge a copyright fee, update copyright lists, enforce privacy policies, and so on. In order for this to occur, information about a document or the document itself would need to be transferred to the owner of the database. However, there are problems associated with this information exchange. First, the communications channel may not be secure, and thus a spy or snoop could intercept and gain access to the contents of the document. A solution to the first problem is transmitting the document via a secure communications channel, such as encrypting the document, as is well known in the art.
Although encryption of the document prevents an eavesdropper from discovering the contents of the transmitted document, the owner of the database is still given access to the contents of the document. That is, when the owner of the database receives the encrypted document, they will decrypt the document to determine if there is a match in the database. If there is no match, then the user has revealed the contents of their document unnecessarily. As such, the user has released potentially important information about the document being tested by the database owner.